mirror of https://github.com/MISP/MISP
new: [securityAudit] Check expose_php setting
parent
ba71bee293
commit
fc16acb070
|
@ -227,6 +227,13 @@ class SecurityAudit
|
|||
];
|
||||
}
|
||||
|
||||
if (ini_get('expose_php')) {
|
||||
$output['PHP'][] = [
|
||||
'hint',
|
||||
__('PHP `expose_php` setting is enabled. That means that PHP version will be send in `X-Powered-By` header. This can help attackers.'),
|
||||
];
|
||||
}
|
||||
|
||||
if (extension_loaded('xdebug')) {
|
||||
$output['PHP'][] = [
|
||||
'error',
|
||||
|
|
Loading…
Reference in New Issue